Rise of the Machines- Artificial Intelligence and Security

Artificial Intelligence (AI) software is everywhere being leveraged by many industries such as healthcare, fintech, and e-commerce. However, how does AI affect the security space? Join Maty Siman, Checkmarx Founder and CTO, to get both a white hat and black hat perspective to AI and security.
During this webinar Maty will talk about:
• How AI is revolutionizing the Application Security (AppSec) market
• How Checkmarx is using AI to shatter the Application Security Testing (AST) glass-ceiling
• How AI can be used to scale your software security program

Developers, security professionals and DevOps teams often find themselves struggling between timely code delivery, secure code delivery and automation:
- Developers are most commonly measured on the delivery speed and quality of their code, not on the security of their code.
- Security professionals want to ensure that every piece of code is tested upon commit for security threats, without incremental cost and friction with developers and DevOps.
- DevOps on the other hand care about the effectiveness of the release process and want to make sure nothing slows that down.

In this webinar, Nathan Leach, Solution Architect at Checkmarx will walk you through how CxSAST allows companies to embed security into the software development lifecycle in a way that doesn’t disrupt developer’s work, doesn’t add any additional code reviews, and doesn't use any new tools.

Developers, security professionals and DevOps teams often find themselves struggling between timely code delivery, secure code delivery and automation:
- Developers are most commonly measured on the delivery speed and quality of their code, not on the security of their code.
- Security professionals want to ensure that every piece of code is tested upon commit for security threats, without incremental cost and friction with developers and DevOps.
- DevOps on the other hand care about the effectiveness of the release process and want to make sure nothing slows that down.

In this webinar, Nathan Leach, Solution Architect at Checkmarx will walk you through how CxSAST allows companies to embed security into the software development lifecycle in a way that doesn’t disrupt developer’s work, doesn’t add any additional code reviews, and doesn't use any new tools.

Companies are looking to implement DevOps, bringing development and security teams together to code applications faster securely. With this structure, the need, and the benefit of putting security in the hands of developers is clear. However, the reality is that 60% of developers do not trust the security level of their applications, because developers are often not given enough security support. In general, companies train developers in security once a year, or even once a quarter in the best of cases, and thus hope that their teams will have the same level as security specialists. This approach consisting mainly of ticking the box "training in secure development," is not sufficient to establish and grow a real culture of application security within the organization.

Join us to find out how to build an AppSec awareness program that genuinely supports and trains developers to think and code security daily.

Developers, security professionals and DevOps teams often find themselves struggling between timely code delivery, secure code delivery and automation:
- Developers are most commonly measured on the delivery speed and quality of their code, not on the security of their code.
- Security professionals want to ensure that every piece of code is tested upon commit for security threats, without incremental cost and friction with developers and DevOps.
- DevOps on the other hand care about the effectiveness of the release process and want to make sure nothing slows that down.

In this webinar, Nathan Leach, Solution Architect at Checkmarx will walk you through how CxSAST allows companies to embed security into the software development lifecycle in a way that doesn’t disrupt developer’s work, doesn’t add any additional code reviews, and doesn't use any new tools.

When software is everywhere, security is everything.
In 2020 alone, around 30 billion IOT devices are expected to be connected. In addition to the number of devices, there are over tens of thousands of builds a day from leading companies. With the number and breadth of connectivity growing exponentially around the world, integrating security into DevOps systems is more important than ever.

In this webinar, Checkmarx top Sales Engineer, Yalin Arie, and Regional Sales Manager, Eli Menashe, take us to the next level by examining the many advantages and tools that security can offer from the start of development through to deployment and testing without waiting. They will also present the battle between the rapid DevOps development, go-to-market results, and the challenge of AppSec's notoriously slow and lengthy requirements.

In this webinar we will cover the following topics:

- What exactly are DevOps and DevSecOps?
- Why security testing should be part of the DevOps process
- How DevOps and security teams can work together smoothly
- Dynamic solutions for vulnerability analysis during the integration tests
- The future of DevOps and application security

Learn how organizations are beginning to embed security into their DevOps initiatives and find out what barriers need to be addressed in order to effectively achieve what the industry calls: DevSecOps.
Join this session to learn:
- The step that directly influences all other aspects of your DevSecOps initiatives
- The benefits of integrating security automation into DevOps, resulting in improved quality, speed, and security
- The most important topics that must be addressed when embedding security into DevOps

Software development teams are often overloaded with security-related data, hindering delivery speeds and security integrity. In this session, learn the importance of application security testing solutions that leverage automation to produce high-quality findings and results, and how they help organizations achieve a true DevSecOps model by automating vulnerability detection and triage.

Keeping up with customer expectations in the digital age and continuously releasing high-quality software is tough. While not a silver bullet, the answer to doing both well in 2020 increasingly lies in test automation.

However, adopting test automation is not without its challenges, and it must be blended correctly with manual testing.

Join this panel of testing experts as they discuss how to find the balance between manual and automated testing, including:

- Where to introduce automated testing
- Why it’s crucial that you establish a repeatable manual documented process prior to implementing any automation
- How to scale automated testing

The main goal of any application security testing program is to reduce enterprise risk without hindering software release cycles, which is best achieved through thoughtful planning and implementation of security testing automation. However, this often remains an obstacle for many organizations today.
To address this issue, Checkmarx recently announced the availability of an orchestration module called CxFlow for the Checkmarx Software Security Platform that tightly integrates with application release orchestration and agile planning tools.
Implementing CxFlow:
• Enables automated scanning earlier in the code management process by integrating directly into source control management systems or CI/CD tools
• Improves operational ‘flow’ of secure software development and delivers more actionable vulnerability findings
• Allows organizations to improve the security of their software without interrupting developer workflows

Join Ken McDonald as he walks through CxFlow, demonstrating how it offers end-to-end automation - from scanning to ticketing, seamless integration with the modern development ecosystem, and centralized management.

This talk will highlight serious security findings in Android smartphones, enabling attackers to remotely control, take, and retrieve photos, videos, and geolocation from victims’ phones without the victim knowing, even if the phone is locked or the screen is turned off. Join us to see how one team chained several weaknesses and features to create a fully weaponized rogue spy-application.

Checkmarx invited Inon Shkedy of Traceable.ai to come by to talk about the OWASP API project that addresses modern threats for API based applications. While traditional vulnerabilities like SQLi and XSS are becoming less common in APIs, there’s been an increase in vulnerabilities that are either specific to APIs or present a bigger risk, which many developers are unaware of.

During this talk Inon discusses:
- The biggest challenge in APIs: authorization
- OWASP top 10 for APIs, including examples
- Tools for security engineers to perform pentest for APIs
- Tips for developers on how to develop more secure API

As CISOs are """"moving left"""" and integrating DevSecOps technologies into the daily routine of developers, testing and securing their own code is becoming the new normal. Educating software developers into better practices is key, especially in the context of securing applications.
Join this panel of industry experts and leaders to learn more about:
- The evolution of DevOps and DevSecOps
- Why security testing should be a part of the DevOps process
- How DevOps and security teams can get along better
- Dynamic tools to monitor applications and scan for vulnerabilities
- The future of DevOps and security
This panel will be broadcast LIVE during RSA Conference in San Francisco.

In 2020, we’ll see a proliferation of microservices in software architecture. With cybersecurity at the forefront, development teams are expected to place an equal emphasis on security as they currently do on speed. How will a modernized, secure microservices approach impact your organization? Will this become the new normal for software development, and what solutions will your organization need to secure your microservices architecture?

Join this exclusive video interview with Matthew Rose, Global Director Application Security Strategy, Checkmarx to learn more about the proliferation of microservices and the impact on software development.

Viewers will have an opportunity to learn more about:
- The current state of software development and the emergence of DevSecOps
- How to embed security in your DevOps culture
- Best practices for speedy AND secure software development lifecycle (SDLC)
- Why continuous security testing is essential, and how to achieve continuous security testing for microservices
- How to achieve an effective migration plan that will enable you to reduce risk during initial stages
- Solutions needed for optimal security coverage for microservices

This video interview will be broadcast LIVE from San Francisco during the 2020 RSA Conference.

Please join Checkmarx for a live webinar on the benefits of Devops for financial services organizations.

Today, financial service organizations build software dramatically different than just 10 years ago. New development models deliver software faster than ever before to meet changing consumer demands, maximize operational efficiency and drive digital transformation. It’s simply no longer an option to deliver software that hasn’t been tested for security throughout the development process. The risks are too great.
During this webinar, Checkmarx Global Director of Strategy, Matt Rose, will review specific steps financial organizations can take to address security in the software they create and how to build more secure applications at the start of the software development lifecycle (SDLC).